Hi,
Although there probably is, I am old-fashioned and implement that in
a Servlet Filter. Below is such a Filter. It will redirect person either
to
or from a https port depending on whether the URL matches a given
pattern.
**
* This class contains an web application SSL filter
*
* @author Nick Sophinos, OK well surely lifted from someone else.
*
*/
public class SSLFilter implements Filter {
private FilterConfig filterConfig;
Log log;
public void init(FilterConfig config) throws ServletException {
this.filterConfig = config;
log = Core.getLogger();
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
String logId = Util.getLogId(this, "doFilter");
log.debug("IN " + logId);
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String scheme = request.getScheme();
String servletPath = httpRequest.getServletPath();
StringBuffer requestURL = httpRequest.getRequestURL();
String queryString = httpRequest.getQueryString();
if (queryString != null && queryString.length() > 0) {
requestURL.append("?" + httpRequest.getQueryString());
}
String requestURLString = requestURL.toString();
log.debug(logId + servletPath + " SECURE? " + servletPath.startsWith
("/secure/"));
if(!servletPath.startsWith("/images/") &&
!servletPath.startsWith("/js/") && !servletPath.startsWith("/css/")) {
if(scheme != null && !scheme.equals("https") &&
servletPath.startsWith("/secure/"))
{
log.debug(logId + "Requested URL that was NOT SSL and SHOULD BE.");
log.debug(logId + "The requestURL is " + requestURLString );
requestURLString = requestURLString.replaceFirst("http", "https");
log.debug(logId + "The new requestURL is " + requestURLString );
httpResponse.sendRedirect(requestURLString);
}
else if(scheme != null && scheme.equals("https") &&
!servletPath.startsWith("/secure/")) {
log.debug(logId + "Requested URL that was SSL and SHOULD NOT BE.");
log.debug(logId + "The requestURL is " + requestURLString );
requestURLString = requestURLString.replaceFirst("https", "http");
log.debug(logId + "The new requestURL is " + requestURLString );
httpResponse.sendRedirect(requestURLString);
}
else {
chain.doFilter(request, response);
}
}
else {
chain.doFilter(request, response);
}
}
public void destroy() {
}
}
On 1/27/06, Dave Newton <[EMAIL PROTECTED]> wrote:
>
> Dinesh Mehra wrote:
> > Is there any way in struts-config.xml (either by action mapping or in
> > forward tag) where I can rectify this situation??
> >
> http://struts.apache.org/struts-doc-1.2.x/faqs/ssl.html
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
